DMZ - Multi NIC environment / IP rule problem
We have a problem with a multi-NIC environment.
Our Linux box (CentOS 6.3) works as an application server, and on this machine 6 NICs are active.
Each NIC has at least one IP set.
All the IPs set are real IPs (public network IPs) and are part of the DMZ.
To avoid asymmetric networking, the necessary arp_ignore and arp_announce parameters are set.
After setting the arp_ignore and arp_announce parameters, requests to the server are received by the related NIC port (this is what we want), but the reply is sent out another port (eth0, not acceptable for us).
Writing routes was helpful for us, but it only works within the subnet; outside of the subnet (or on the internet) the server gets the request but does not answer it.
We have set the following routes:
ip route add xxx.xxx.237.128/26 dev eth5 src xxx.xxx.237.167 table gw_eth5
ip route add default via xxx.xxx.237.167 table gw_eth5
ip rule add from xxx.xxx.237.167 table gw_eth5
ip route add xxx.xxx.237.128/26 dev eth4 src xxx.xxx.237.166 table gw_eth4
ip route add default via xxx.xxx.237.166 table gw_eth4
ip rule add from xxx.xxx.237.166 table gw_eth4
But how do we set the rules for 0.0.0.0/0 so that requests from the internet get the correct response from the related NIC?
Many thanks for any hints in advance.
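The following is an added example, not the poster's own commands or a script from CentOS. It generates the per-interface policy routing setup the question is about, so the commands can be reviewed before they are applied. It goes a little beyond the posted commands in two ways: it also emits the arp_ignore/arp_announce sysctls for each interface, and it refuses to generate a table whose default route points at the interface's own address, since a default route needs the subnet's router as its next hop and the host cannot be its own gateway. The interface names, addresses and subnet are constructed from documentation ranges, and the gateway address 198.51.100.129 is an assumed placeholder to be replaced with the real router of the /26.

```shell
#!/bin/sh
# Added example: generate policy routing commands for a multi-NIC DMZ host.
# Nothing here touches the kernel; it prints ip(8)/sysctl(8) commands for review.

# Emit the ARP sysctls the poster mentioned, for one interface.
emit_arp_sysctls() {
  dev=$1
  printf 'sysctl -w net.ipv4.conf.%s.arp_ignore=1\n' "$dev"
  printf 'sysctl -w net.ipv4.conf.%s.arp_announce=2\n' "$dev"
}

# Emit one interface's routing table and the rule that selects it.
#   $1 dev   interface name
#   $2 addr  address assigned to that interface (used as source)
#   $3 net   connected subnet in CIDR form
#   $4 gw    the subnet's router; must NOT be the host's own address
#   $5 tbl   routing table name
# The "from <addr>" rule already covers every destination (0.0.0.0/0), so
# replies to internet clients only work if the table's default route has
# a reachable next hop.
emit_policy_routes() {
  dev=$1 addr=$2 net=$3 gw=$4 tbl=$5
  if [ "$gw" = "$addr" ]; then
    echo "error: gateway for $dev equals its own address $addr; use the subnet router" >&2
    return 1
  fi
  printf 'ip route add %s dev %s src %s table %s\n' "$net" "$dev" "$addr" "$tbl"
  printf 'ip route add default via %s dev %s table %s\n' "$gw" "$dev" "$tbl"
  printf 'ip rule add from %s table %s\n' "$addr" "$tbl"
}

# Constructed inventory (documentation addresses, not the poster's real ones).
# Columns: dev  address  subnet  gateway(assumed placeholder)  table
INVENTORY='
eth4 198.51.100.166 198.51.100.128/26 198.51.100.129 gw_eth4
eth5 198.51.100.167 198.51.100.128/26 198.51.100.129 gw_eth5
'

# Walk the inventory and emit the full command list; fails on a bad gateway.
generate_all() {
  printf '%s\n' "$INVENTORY" | while read -r dev addr net gw tbl; do
    [ -n "$dev" ] || continue
    emit_arp_sysctls "$dev"
    emit_policy_routes "$dev" "$addr" "$net" "$gw" "$tbl" || exit 1
  done
}

# Print the generated commands for review; apply with:  sh this.sh | sh
generate_all
```

Each table also names the interface on its default route, so a packet sourced from that address leaves through the NIC that owns it rather than eth0; the gateway must be a router on that NIC's subnet for the route to be accepted by the kernel.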